Security update for drm SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2018:0509-1 Final 1 1 2018-02-21T13:43:43Z current 2018-02-21T13:43:43Z 2018-02-21T13:43:43Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for drm This update for drm provides the following fixes: This security issue was fixed: - CVE-2017-10810: Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c allowed attackers to cause a denial of service (memory consumption) by triggering object-initialization failures (bnc#1047277) These non-security issues were fixed: - Backport upstream 4.9.x stable fixes up to 4.9.81 (bsc#1041744). - Fixed crash at suspend/resume on old Intel chipsets (bsc#1047729, bsc#1050256) - Fixed large topology support for vmwgfx (bsc#1048155) - Workaround for BXT aperture vs GTT chip bug (bsc#1046821) - Limit the supplements for the default hardware support to only Intel Skylake / Kabylake and AMDGPU (bsc#1077885) 4.9.x i915 seems more buggy than expected for old chipsets. - Conditionally build aarch64 as well (bsc#1066175) - Build host1x module (taken from the kernel-source) as well for avoiding the unneeded dependency on kernel-default-extra on ARM64 (bsc#1066175) - Enable AMDGPU CIK and SI (bsc#1066175): - Add missing hisilicon hibmc driver (bsc#1066175): - Add si_support and cik_support options to radeon and amdgpu (bsc#1066175): - Update Module.supported and apply it properly; following SLE12-SP3 kernel status - Backport the upstream DP-MST fixes, addressing a hang at S3 resume (bsc#1055493): The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-DESKTOP-12-SP3-2018-337,SUSE-SLE-WE-12-SP3-2018-337 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2018/suse-su-20180509-1/ Link for SUSE-SU-2018:0509-1 https://lists.suse.com/pipermail/sle-security-updates/2018-February/003747.html E-Mail link for SUSE-SU-2018:0509-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1041744 SUSE Bug 1041744 https://bugzilla.suse.com/1046821 SUSE Bug 1046821 https://bugzilla.suse.com/1047277 SUSE Bug 1047277 https://bugzilla.suse.com/1047729 SUSE Bug 1047729 https://bugzilla.suse.com/1048155 SUSE Bug 1048155 https://bugzilla.suse.com/1050256 SUSE Bug 1050256 https://bugzilla.suse.com/1055493 SUSE Bug 1055493 https://bugzilla.suse.com/1066175 SUSE Bug 1066175 https://bugzilla.suse.com/1077885 SUSE Bug 1077885 https://www.suse.com/security/cve/CVE-2017-10810/ SUSE CVE CVE-2017-10810 page SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP3 drm-kmp-default-4.9.33_k4.4.114_94.11-4.11.1 drm-kmp-default-4.9.33_k4.4.114_94.11-4.11.1 as a component of SUSE Linux Enterprise Desktop 12 SP3 drm-kmp-default-4.9.33_k4.4.114_94.11-4.11.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP3 Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c in the Linux kernel through 4.11.8 allows attackers to cause a denial of service (memory consumption) by triggering object-initialization failures. CVE-2017-10810 SUSE Linux Enterprise Desktop 12 SP3:drm-kmp-default-4.9.33_k4.4.114_94.11-4.11.1 SUSE Linux Enterprise Workstation Extension 12 SP3:drm-kmp-default-4.9.33_k4.4.114_94.11-4.11.1 moderate 1.2 AV:L/AC:H/Au:N/C:N/I:N/A:P 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20180509-1/ https://www.suse.com/security/cve/CVE-2017-10810.html CVE-2017-10810 https://bugzilla.suse.com/1047277 SUSE Bug 1047277